search

blindnet-io / privacy-components-web

Collection of Web Components helping developers to execute privacy-by-design and privacy UX.
https://pc4w.blindnet.dev
MIT License
7 stars 4 forks source link

It's possible to have a demand granted with no response #246

Open milstan opened 1 year ago

milstan commented 1 year ago

Description

Example: Transparency demand is GRANTED yet no response is given.

image

Intended outcome

Show response - even if "Null"

m4rk055 commented 1 year ago

Transparency demand does not have an answer itself, but contains other transparency demand responses (dpo, retention policies etc.) which should be displayed in the same list as this demand.

jboileau99 commented 1 year ago

Transparency demand does not have an answer itself, but contains other transparency demand responses (dpo, retention policies etc.) which should be displayed in the same list as this demand.

@m4rk055 That's how it works currently, for a Transparency demand it will display a list item for each Transparency.* action.

For this issue though, it's a Transparency.Retention demand, and the answer is empty. Checking the demo app, the response JSON is: 

{
    "demand_id": "c8fc4829-d46f-49e8-98b5-1f136c88dfce",
    "date": "2022-11-21T11:10:07.539Z",
    "requested_action": "TRANSPARENCY.RETENTION",
    "status": "GRANTED",
    "motive": null,
    "answer": "{\n  \n}",
    "message": null,
    "lang": null,
    "includes": [],
    "data": null
}

It wasn't empty before, the answer had a list of objects matching the RetentionPolicy schema I believe. Is it someting in the demo PCE configuration that's causing it to return an empty string?

m4rk055 commented 1 year ago

It's returning only the retention policies for data categories included in user's privacy scope. I think your eligible privacy scope is empty because you made restrict/object demands.